European Union and United States lawmakers had missed Sunday’s deadline for reaching an agreement on protecting EU citizens’ online data from US surveillance.
Officials from both sides of the Atlantic had failed to strike a deal by 31st January – a deadline imposed by European privacy regulators, which would have paved way for new guidelines for transferring of private data between the EU and the US.
The negotiations were aimed at rewriting data sharing laws, after the European Court of Justice (ECJ) had ruled the original Safe Harbour policy invalid in October 2015.
A European Commission spokesperson told Reuters on Monday that the talks held during the weekend were “constructive but difficult”.
Despite not meeting the initial deadline, the official suggested that negotiations are still taking place. “Work is still ongoing, we are not there yet, but the Commission is working day and night on achieving a deal” the spokesperson said.
Following the expiry of the grace period, The Register reported that both parties had to reach an agreement by end of the day on 1st February, however, no developments have yet been announced out of Brussels.
Over the course of several months, both sides have been deadlocked over multiple privacy issues including:
- Clarity on how much access US authorities will have to private data from the EU
- How EU citizens can take legal action if their data is believed to have been mishandled
Large US companies such as Google and Facebook, who regularly transfer users’ information between EU and US-based data centres, are among the corporations whom the potential deal will affect the most.
What is Safe Harbour?
Safe Harbour is the name of a previously enforced online privacy agreement between the United States Department of Commerce and the European Union.
Established in 2000, the agreement had outlined regulatory provisions for the transferring of EU citizens’ private data between the continents; chiefly, data obtained by US-based companies.
In 2015, the law was challenged by Austrian law student Max Schrems, who, together with a Belgian privacy watchdog, took Facebook to court over the way the company had handled sensitive user information.
The initiative was inspired by revelations of widespread digital surveillance by the NSA, leaked by former contractor-turned-whistleblower Edward Snowden.
The secret documents, which were published through major publications including The Guardian and New York Times, revealed a global extent of unauthorised data collection and monitoring conducted by the NSA.
As part of its surveillance programs, the agency was found to have accessed records of millions of private emails, web browsing activities as well as telephone records.
Following a lengthy court battle, the verdict was reached in favour of Schrems, and the ECJ voided the original Safe Harbour agreement with immediate effect.
Since the decision, US officials and the European Commission have squared off over the terms of a renewed data transfer policy, dubbed by the media as ‘Safe Harbour 2.0’.